WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] HT Vulnerability CAN-2005-0109

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] HT Vulnerability CAN-2005-0109
From: Nils Toedtmann <xen-devel@xxxxxxxxxxxxxxxxxx>
Date: Wed, 18 May 2005 16:43:44 +0200
Delivery-date: Wed, 18 May 2005 14:43:15 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Sorry if this is a dupe. I quickly checked the lists and the bitkeeper
changesets but found no reference. If i missed it, ignore this mail.


Just stumbled on /. upon CAN-2005-0109 and wonder if xen is affected:

  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0109>
  <http://www.daemonology.net/hyperthreading-considered-harmful/>

I have _no_clue_ about OS internals, processors or programming, but as i
understood the abstract this is a bug on some intel pentium/xeon cpus in
their hyperthreading implementation (i read it "ht threads share cpu
cache in a way that information leaks from one thread to another"). The
author states that the OS kernel (here: the xen kernel) could workaround
that bug.

Is it possible that two domain kernels running on the same physical core
but on different ht threads leak information to each other exploiting
this covert/side channels?

I apologize in advance if all this does not make sense ...

/nils.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel